Mailing Lists: Apple Mailing Lists
Image of Mac OS face in stamp
 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Add to authorization policy database error


On Dec 7, 2004, at 08:11, Steven Palm wrote:


Greetings,

I thought this was something I was doing wrong, as I had pretty much taken the AuthForAll sample code directly to add some rights to the authorization policy database, but it turns out that it just doesn't want to add the class I was trying for....

Can't you add a custom right with this rule:

kAuthorizationRuleAuthenticateAsSessionUser "authenticate-session- user"

Every time I tried it failed. However, using the same code, I can easily add this:

	kAuthorizationRuleClassAllow			"allow"

I'd really like to have a right set up that requires only that the user, even if non-admin, has to authenticate themselves.

Oops - you've found a bug. /etc/authorization only contains authenticate-session-owner as a rule. I will add that rule in /etc/authorization by the name authenticate-session-user too.

In the mean while keep using the constant and modify or duplicate the rule in /etc/authorization.

Conrad.
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Apple-cdsa mailing list      (email@hidden)
Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/apple-cdsa/email@hidden

This email sent to email@hidden
References: 
 >Add to authorization policy database error (From: Steven Palm <email@hidden>)



Visit the Apple Store online or at retail locations.
1-800-MY-APPLE

Contact Apple | Terms of Use | Privacy Policy

Copyright © 2007 Apple Inc. All rights reserved.